package work.jame.blog.configuration.security.handler;

import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import work.jame.blog.framework.result.Result;
import work.jame.blog.framework.utils.http.WebUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 授权失败异常处理
 *
 * @author : Jame
 * @date : 2023-05-10 14:46
 **/
@Component
public class AccessDeniedHandlerImpl implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) {
        Result<?> result = Result.create(null, HttpStatus.FORBIDDEN.value(), "没有该权限");
        WebUtils.respondResult(httpServletResponse, result);
    }
}
